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Amend ments to the Claims 

Tins listing oi' claims will replace all prior versions, and listings, of claims in the 

application: 

listing of Claims: 

1. (originai) In a computer network environment comprising a wired computer network 
i n r i' m i by at >asf. on letwork device operative to switch or route data units 
between devices connected thereto, the data units including a source address and a 
destination address, wherein the at least one network devi.ee comprises at least two ports 
to which other devices connect, and wherein. the at least one network device is operative to 
store the source addresses of the data units encountered at the ports of the at least one 
network device, a method for containing rogue access points, comprising 

detecting a rogue access point, the rogue at s\ > t. connect I to the wi 1 
computer network and bridging wireless traffic between at least one rogue client and the 
wired computer network; 

determining the address of at least one rogue client associated with the rogue access 
point; and 

identifying the port to which the rogue access point is connected by querying, using 
the addresses of the at least one rogue client in the determining step, the at least one 
network device tor the port at which data units sourced from ie at least oi ro it 0 
were encountered . 

2. (original) The method of claim 1 further comprising 

dis ■>[ i „ s. .m s n, d pi 
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3. (original) The method of claim 1 further comprising 

locating the edge pert, if more than one network device responds in the polling 

step. 

4. (original) The method of claim 1 wherein the at least one network device is an 'Ethernet 
switch. 

5. (original) in a wireless network environment comprising at least one authorized access 
point,, a i 1 tor a i r ^ ue access >o is, the og e u es points i eluding a 
virtual carrier-sense mechanism operative to adjust a counter in response to wireless 
frames transmitted from wireless stations, wherein the data frames include a duration 
value, the counter controlling the transmission of frames by the rogue access point, 
comprising 

detecting a rogue access point,: 

identifying at least one authorized access point that neighbors the rogue access 

point: 

selecting a least one authorized access point n the idencif ing ste 
configs tgi c t least one selected a c tss point to f J i n nit wireless 
frames, the data frames including a predetermined duration value, and wherein the 
interval at which the data frames are periodically transmitted is less than the duration 
value. 

6. (original) The method of claim 5 wherein the wireless frames are transmitted on all 
available frequency channels. 
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7. (original) The method of claim 5 further comprising 

identi ne io oh n n hid h< - , i a >ss p< i s transmit \ and 
wherein the wireless frames are transmitted on the identified channel. 

8. (orig lai) , e !£ od claim > fui n comp sing 

identifying the channel on which the rogue access point is transmitting; and 
wherein the wireless frames are transmitted on a range of channels centered on the 
identified channel. 

9. (currently amended) In a wireless network environment implementing a protocol 
en; ig t ich uli 1 ions terminate connections with aes ss points < ere 

of de-authentication and/or disassociation frames, a method for containing rogue access 
points, comprising 

dot w, a i >gue cc > poin *ero < > point i w < 1 $ i e 
network address; 

selecting at least one authorized access point; 

en L "i * t > 1 t>--v c ut d > v ei . __j • <_ _ t t ». t 

v e.vj s i -a val to term inate teraffi.natate aaneclions between the rogue access 
point and the wireless client devices associated with the rogue access point to prevent 
tra mis i. of frames >etween the rogue access point and the wireless client devices 
sss ate I wi the rot se < cess po 1 1 

10. (currently amended) The method of claim 9 whewin fie. emulating step comprises 

{ ioc icallyh idea it [[ > I L <> uma ie-authentication mes 

wherein the source address of the de-atithentkation frames is the wireless network 
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address of the detected rogue access point 

11. (original) The method of claim 10 wherein the repetition interval is heuristically 
determined to prevent wireless clients from transmitting data to or receiving data from the 
.rogue, access point. 

1.2. ! > 10 further ccmpt> i 

upon detection of data frames transmitted between the rogue access point and a wireless 
client device. 

13, (original) The method of claim 10 further comprising 

periodically broadcasting, at a second, repetition interval, disassociation frames, 
wherein the source address of the disassociation frames is the wireless network address of 
the detected rogue access point. 

14, (currently amended) The method of claim 9 wherein the emulating step comprises 

periodically broadcasting, at [[a]] the repetition interval, disassociation frames, 
wherein .die source a dress > the disassociate ham - ? the ^ i less neia\ >> iddo ;of 
the detected rogue access point. 

15, s n y amended Tl^aesthe^ ^ p risco In 

v ^ m !! II K. , x \. c ± f ^ < < _ v h ] 

stations terminate connect ions \\ Jh access spurns - , _ «< 1 1 ^ 

d.^as- k up D L23' < * > t m containing rog ue access po*e ; - 

detectin g a r ogue access point h ^gia ^ce^s point ulen ied bya.wn fOa s 

FageSof 13 



AppLNo.: 10/611,660 
u idt Dated Jul) 31 201 
Rt s omn to )ffice A n of Ma 7 Ot 

network address; 

- i i, i ! k v- L _ > t > !> ! i 1 - , >^ a o 

emulating the rogue access point and periodically broadcasting., at repetition 
interval, beacon frames, wherein the beacon frames announce a contention tree period, 
, 1 I in. the con t peri ts greater I i < t ten 

1 6 . (cu rren fly a men d ed ) A r ogu e containment d evice, com pri sing 

a network interface operabiy connected to a computer network to communicate 
with at least one wireless network access device, 
a rogue containment module operative to 

receive data characterizing a rogue access point; 

configure one or more of the at least one wireless network access device to 
ejmdateliao^ 

mi. ol to transmit reffito^oata^^ 
aeeess-jaem-L 

17. (original} The rogue containment device of claim 16 wherein the at least one wireless 
network access device is an access point. 

18. (original) The rogue containment device of claim 16 wherein the at least one wireless 
network access device is an access element ii a hiei ical I net rl 

19. (canceled) 

20. (currently amended) The rogue containment device of claim [[19]] 16 wherein the 
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connection terminating frames are de-authentication frames. 

21. (currently amended) The rogue containment device of claim [[191] 16 wherein, the 
connection terminating frames are disassodation frames. 

22. (currently amended) The rogue containment device of claim [[19]] 16 wherein the; 
connection terminating frames are transmitted at a fixed repetition interval 

23. (currently amended) The rogue containment device of claim [[19]] 16 wherein the 
« itittk-i! < . y i ^d^is-a-^-e^rt^n- ^ n-t-e w ^ anonhuenitK 
rep ti.tion nt val s adjustec r espouse to detection o wireless tra ic transmitted 
between th v < < ss point and a vs ire c clien 

24. (currently amended) A wireless network system enabling a directed association 
mechanism., comprising 

a plurality of access elements for wireless communication with at least one remote 
client element and lor communication with a central control element; 

a central control element for supervising at least one of said access elements, 
wherein the central control element is operative to manage and control the wireless 
connections between the access elements and corresponding remote client elements; and 
wherein the access elements are each operative to: 

establish and maintain, in an access point mode, wireless connections 
with remote client elements; 

switch to a scanning mode for a scanning period at a scanning interval 
to detect wireless traffic, 
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record scan data characterizing the detected wireless traffic, and 

transmit the scan data to the central control element;, 
wherein the central control element is operative to 

process the scan data against information relating to known access 
elements to identify rogue access points, 

to contain the detected rogue access point(s); and 
'a i .nent is opeiative to 

„ esia " s 1 4 au ? i " h <- - i ot u leless 

t i i i c .cmotc chentLeinpn_ts, and 

bridge: network traffic between a compute r net w ork a nd ,i lenu-u- 

1 ' - ^ 1 ! ■ h 1 s > , ' ' 

25, (canceled) 

26, (currently amended) The system of claim [[25]] 24 wherein the computer network 
comprises at least one network device operative to switch or route data units between 
de\ ices connected tht reto, tiu data units including a source address and . destination 
t< tress, w <s i tin fc I toneneiw k de ce cca s sat leas two jo ts to which 
therdcvie< icci i the at least one network device is operative to store t 

source addresses of the data units encountered at the ports of the at least one network 
device, and 

wherein the central control element is operative to 

determine the address of at least one rogue client associated with the rogue 
access poin t; and 

identify the port to which the rogue access point is connected by querying, 
Page 8 of 13 



Amdt. Dated July 31, 2007 

Response to Office Action of May 17, 2007 

using the addresses of the at least one rogue client the at least one network device for the 
port at which data units sourced from the at least one rogue client were encountered. 

27. (original) The system of claim 26 wherein the central control element is operative to 
report the identified port to a network administrator. 

28. (original) The system of claim 26 wherein the central control element is operative to 
disable the identified port. 

29. (currently amended; The system of claim ([25]] 24 wherein the central control element 
is operative to configure one or more access elements to contain the detected rogue access 
poinds}. 

30. original) Thes i n 29 whe i the central control element is operative to 
configure one or more of the access elements to emulate the rogue access point and 
transmit c mnection-tei nina ting frames. 

31. (original) The system of claim 30 wherein the connection terminating frames arc do- 
authi nfcication frames. 

32. (original) The system of claim 30 wherein the connection terminating frames are 
disassociafion frames. 

33. i t The system ( i J! eherein the connection termi ating m< in 
transmitted at a fixed repetition interval. 
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34, (original) The system of claim 30 wherein the connect! on- terminating frames are 
trans lifted if i repetit >n nierval, and wherein- the repetitioi inten usi 
response to detection of wireless traffic transmitted between the rogue access point and a 
wireless client. 
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